Announcement

Collapse
No announcement yet.

Possible Hacker?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Possible Hacker?

    My board is in the US. For weeks now, someone from Poland (I can tell by the IP) has been viewing the forums as a Guest - - for 8-12 hours a day - - always trying (according to "Who's On Line") to edit a post, quote a post, or report a post.

    'Natch, as a Guest, nothing happens. But, why would someone keep trying this for weeks, all day long? It's always the same IP from Poland.

    No jokes - - should I be worried? What can I do? If it helps, I am running the lastest v. of vbulletin.

  • #2
    Well I would ban his ip, but do it on the whole class. 192.168.0 that will remove anyone from that ISP from getting in.

    Yes I would be worried if they keep trying to do it for weeks.

    Also since you have the logs, find out who he/she is hooked up with and email them that you are having problems with someone attempting to gain access to you system.

    Comment


    • #3
      Thanks - another question -

      On Who's On Line, the IP appears as "bramka.proszynski.pl"
      I've banned that IP - just as it reads. Do I need the numerical equivalent? How can I obtain that?

      I have gone to http://proszynski.pl and e-mailed them - no response - - so, looks like I'll have to defend myself from this side.

      Anything else you can share/offer would be appreciated. Thanks again.

      Comment


      • #4
        Im having the same problem!!!! This is starting to worry me.

        Here is my thread. http://www.vbulletin.com/forum/showt...threadid=42777


        How did you find out where this person was from?

        The guy who is on my site has an IP that starts with 194. Right now, he is doing "Moderator Duties"

        All I get is a static IP address for this person..but like you, this person has been on constantly for some time now.

        Comment


        • #5
          Just found out the source of my mystery man is from Poland as well.............

          getting interesting

          Comment


          • #6
            If someone is attempting to hack into your sites this is all the more reason you need to upgrade to the latest version.
            Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
            Change CKEditor Colors to Match Style (for 4.1.4 and above)

            Steve Machol Photography


            Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


            Comment


            • #7
              Originally posted by smachol
              If someone is attempting to hack into your sites this is all the more reason you need to upgrade to the latest version.
              I have upgraded - when it was released. No need to worry?

              V-Ray - thanks for the heads up! Indeed, strange. I've sent an e-mail to them to see if I can establish contact.

              vBulletin Staff - - if this is an indivdual hacker, he's obviously targeting your product (only reason why the same person found v-ray and I - - are sites are totally different). Should you not look into as well?

              Comment


              • #8
                ok thanks smachol. I am updating to 2.24 as I speak. Hope it goes well <crosses fingers>

                Comment


                • #9
                  V-ray - - FYI. Looks OK - just got this:

                  Bramka.proszynski.pl is our gateway.

                  What you probably experience is our crawler Szukacz which at the moment crawls all the websites listed in the Open Directory (the dmoz.org directory).

                  Our search engine works at http://www.szukacz.pl/ (with the user interface in Polish only, unfortunately).

                  I apologize if our crawler made some problems to your website.
                  Certainly it is not our intention to cause problems. As far as we have
                  test it, our crawler follows all the robots.txt and the robot metatag rules.

                  There is a small chance, however, that it does something wrong.

                  If you let me know the name of your website, I will include it on the list of sites forbidden to be crawled.

                  And let me know what is the exact problem you experience.

                  Sincerely your
                  Mieczyslaw Proszynski
                  http://www.szukacz.pl/

                  Comment


                  • #10
                    cool. Phew! My forums are now updated. Hopefully that will take care of that little bugger.

                    Comment


                    • #11
                      ah ok cool Thanks netshrine! Im not sure if mine was the exact same. Here is the info I got...but I assume its the same type of thing here. Thanks for the info

                      inetnum: 194.181.35.0 - 194.181.35.255
                      netname: PROSZYNSKI
                      descr: Proszynski i S-ka
                      descr: Garazowa 7
                      descr: 02-651 Warszawa
                      country: PL
                      admin-c: PL545-RIPE
                      tech-c: AJ247-RIPE
                      status: ASSIGNED PA
                      notify: [email protected]
                      mnt-by: AS8308-MNT
                      changed: [email protected] 19970926
                      changed: [email protected] 19991228
                      source: RIPE

                      route: 194.181.0.0/16
                      descr: NASK (PL)
                      descr: Provider Local Registry
                      origin: AS8308
                      notify: [email protected]
                      mnt-by: AS8308-MNT
                      changed: [email protected] 19990105
                      source: RIPE

                      Comment

                      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                      Working...
                      X